@Configuration
public class CorsConfig {
    @Value("${cors.domains.allowed:*}")
    private String corsDoamin;

    @Bean
    public FilterRegistrationBean corsFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource());
        CorsConfiguration config = new CorsConfiguration());
        config.setAllowCredentials(false);
        // 设置要允许的域名，如果券允许则设为*
        if (!StringUtils.isEmpty(corsDomains)) {
            for (String s : corsDomans.split(",")) {
                config.addAllowedOrigin(s);
            }
        }
        // 如果要限制 HEADER 或 METHOD，请更改
        config.setAllowedHeader("*");
        config.setAllowedMethod("*");
        source.registerCorsConfiguration("/**", config);
        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
        //设置顺序为最优先
        bean.setOrder(0);
        return bean;
    }
}